Internal Vulnerability Assessment.png

INTERNAL VULNERABILITY ASSESSMENT

This service requires access to your internal network and systems in order to simulate someone who has gained access from the internet or an insider threat from an employee.  The service will scan and review your internal networks and systems looking for weaknesses such as poorly maintained or designed systems, insecure Wi-Fi networks, insecure access controls, or opportunities to access and steal sensitive data. The service will identify weaknesses, but not exploit them. It should be noted that although the interaction with your systems is kept to a minimum, there is always a risk that poorly maintained or designed systems can suffer outages during vulnerability assessments. That is why all internal vulnerability assessments are supported with back-out and recovery plans agreed in advance to minimise risk.

 

Service reporting will describe in plain language, what each weakness means to your business and the risks associated with each.  Service reporting will include plans and guidance on how to fix those weaknesses.

 

We are able to recommend our IASME trusted partners network to provide additional services such as a full penetration test. Our trusted partners have been subject to due diligence checks by the accreditation body appointed by the National Cyber Security Centre, the UK’s National Technical Authority who are apart of GCHQ. They are also certification bodies for Cyber Essentials and Cyber Essentials Plus schemes which assure you have considered the most common cyber technical controls.

South East CRC White copy.png

USEFUL LINKS

CONNECT WITH US

  • LinkedIn
  • Twitter
  • YouTube

© 2021 - The Cyber Resilience Centre for the South East

The contents of this website are provided for general information only and are not intended to replace specific professional advice relevant to your situation. The intention of The Cyber Resilience Centre for the South East is to encourage cyber resilience by raising issues and disseminating information on the experiences and initiatives of others.  Articles on the website cannot by their nature be comprehensive and may not reflect most recent legislation, practice, or application to your circumstances. The Cyber Resilience Centre for the South East provides affordable services and Trusted Partners if you need specific support. For specific questions please contact us.

 

The Cyber Resilience Centre for the South East does not accept any responsibility for any loss which may arise from reliance on information or materials published on this document. The Cyber Resilience Centre for the South East is not responsible for the content of external internet sites that link to this site or which are linked from it.